Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Implementing Cisco
MPLS
Version 2.1
Lab Guide
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Copyright © 2004, Cisco Systems, Inc. All rights reserved.
Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax
numbers are listed on the Cisco Web site at www.cisco.com/go/offices.
Argentina • Australia • Austria • Belgium • Brazil • Bulgaria • Canada • Chile • China PRC • Colombia • Costa Rica
Croatia • Cyprus • Czech Republic • Denmark • Dubai, UAE • Finland • France • Germany • Greece
Hong Kong SAR • Hungary • India • Indonesia • Ireland • Israel • Italy • Japan • Korea • Luxembourg • Malaysia
Mexico • The Netherlands • New Zealand • Norway • Peru • Philippines • Poland • Portugal • Puerto Rico • Romania
Russia • Saudi Arabia • Scotland • Singapore • Slovakia • Slovenia • South Africa • Spain • Sweden • Switzerland
Taiwan • Thailand • Turkey • Ukraine • United Kingdom • United States • Venezuela • Vietnam • Zimbabwe
Copyright © 2004 Cisco Systems, Inc. All rights reserved. CCSP, the Cisco Square Bridge logo, Cisco
Unity, Follow Me Browsing, FormShare, and StackWise are trademarks of Cisco Systems, Inc.; Changing
the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet,
ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert
logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the
Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, GigaDrive, GigaStack,
HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream,
Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-
Routing, Pre-Routing, ProConnect, RateMUX, Registrar, ScriptShare, SlideCast, SMARTnet, StrataView Plus,
SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient, TransPath, and VCO are registered
trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of
the word partner does not imply a partnership relationship between Cisco and any other company. (0406R)
DISCLAIMER WARRANTY: THIS CONTENT IS BEING PROVIDED “AS IS.” CISCO MAKES AND YOU RECEIVE NO
WARRANTIES IN CONNECTION WITH THE CONTENT PROVIDED HEREUNDER, EXPRESS, IMPLIED, STATUTORY
OR IN ANY OTHER PROVISION OF THIS CONTENT OR COMMUNICATION BETWEEN CISCO AND YOU. CISCO
SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY,
NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE, OR ARISING FROM A COURSE OF DEALING,
USAGE OR TRADE PRACTICE. This learning product may contain early release content, and while Cisco believes it to be
accurate, it falls subject to the disclaimer above.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
MPLS
Lab Guide
Overview
This guide presents the instructions and other information concerning the activities for this
course. You can find the solutions in the activity Answer Key.
Outline
This guide includes these activities:
Lab 2-1: Establishing the Service Provider IGP Routing Environment
Lab 3-1: Establishing the Core MPLS Environment
Lab 5-1: Initial MPLS VPN Setup
Lab 5-2: Running EIGRP Between PE and CE Routers
Lab 5-3: Running OSPF Between PE and CE Routers
Lab 5-4: Running BGP Between PE and CE Routers
Lab 6-1: Overlapping VPNs
Lab 6-2: Merging Service Providers
Lab 6-3: Common Services VPN
Lab 7-1: Separate Interface for Internet Connectivity
Lab 7-2: Multisite Internet Access
Lab 7-3: Internet Connectivity in an MPLS VPN
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Lab 2-1: Establishing the Service Provider IGP
Routing Environment
Complete this lab activity to practice what you learned in the related module.
Activity Objective
In this activity, you will use the tasks and commands necessary to implement the service
provider IGP and routing environment. After completing this activity, you will be able to meet
these objectives:
Verify the service provider IP addressing scheme, data-link connection identifier (DLCI)
assignment, and interface status
Enable the service provider IGP and configure appropriate IP addressing
Visual Objective
The figure illustrates what you will accomplish in this activity. This activity contains
information about your laboratory setup, and details of the physical and logical connectivity in
the laboratory, and also information about the addressing scheme and IGP routing. The class
will be divided into pods (where x represents your assigned pod number). Each pod will contain
the router types as defined in the table.
The names of all routers in your pod follow the naming convention detailed in this table.
P (Provider) Px1 and Px2 are core routers in the network of the provider.
PE(Provider Edge) PEx1 and PEx2 are edge interfaces routers from provider to
customer network.
CE(Customer Edge) CEx1A and CEx2A, and CEx1B and CEx2B are customer edge
routers for respective customer A and customer B.
2 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
MPLS Lab Physical Connection Diagram
Physical connectivity has been provided by preconfigured permanent virtual circuits (PVCs)
defined by their respective DLCIs. The first serial interface of each router (P, PE, and CE) is
connected to a Frame Relay switch. The DLCI values for all Frame Relay virtual circuits are
shown in the DLCI identification table and the logical connection diagram visual. The DLCI
values for all Frame Relay virtual circuits are shown in DLCI identification table.
DLCI Identification
This visual represents the logical connection of each pod. The frame relay DLCI information is
included from the DLCI identification table.
Each pod has two P routers creating the core of the service provider network. Each P router
connects to the PE router that supports the point of presence (POP) which is the interface
between the service provider network and the customer network. The PE routers interconnect
two different customers (A and B).
Each pod is further divided into two workgroups. Each workgroup should configure its
respective left or right side of the pod. For example, Pod 1 workgroup 1 should configure P11,
PE11, CE11A, and CE11B. This leaves workgroup 2 to configure P12, PE12, CE12A, and
CE12B.
Your workgroup will still depend on the other workgroup to complete end-to-end connectivity
for customer A and customer B. Each customer has a location on each side of the workgroups.
An example is customer A with sites CE11A and CE12A. Site CE11A is connected to PE11
with workgroup 11; however, the other site CE12A is connected to the other PE12 router with
workgroup 12.
4 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
MPLS Lab IP Addressing Scheme
The IP addressing of routers has been performed using the allocations scheme detailed in the IP
host address table. Note that x equals your pod number.
Parameter Value
Note This addressing scheme has been selected for ease of use in the labs; it does not optimize
the use of the address space.
6 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Required Resources
This is the resource required to complete this activity:
Cisco IOS documentation
Command List
The table describes the commands used in this activity.
Command Description
network network-number [network-mask] To specify a list of networks for the
no network network-number [network- EIGRP routing process, use the network
mask] router configuration command. To
remove an entry, use the no form of this
command.
router eigrp as-number To configure the EIGRP routing process,
no router eigrp as-number use the router eigrp global configuration
command. To shut down a routing
process, use the no form of this
command.
interface serial To define a logical point-to-point
[slot/port].subinterface point-to-point subinterface on a physical serial
interface.
encapsulation frame-relay Enables Frame Relay encapsulation.
frame-relay interface-dlci dlci Specifies the DLCI associated with its
point-to-point link.
show frame-relay pvc To display statistics about PVCs for
Frame Relay interfaces, use the show
frame-relay pvc privileged EXEC
command.
show interfaces serial [slot/port] To display information about a serial
interface, use the show interfaces
serial command in privileged EXEC
mode. When using Frame Relay
encapsulation, use the show interfaces
serial command in EXEC mode to
display information about the multicast
DLCI, the DLCIs used on the interface,
and the DLCI used for the Local
Management Interface (LMI).
show ip protocols To display the parameters and current
state of the active routing protocol
process, use the show ip protocols
EXEC command.
show ip route [ip-address [mask] To display the current state of the routing
[longer-prefixes]] | [protocol table, use the show ip route EXEC
[process-id]] command.
Activity Procedure
Complete these steps with reference to the preceding MPLS logical connection diagram and IP
addressing scheme. Workgroup 1 and 2 of each pod should configure their respective group of
routers.
Step 1 Configure and enable each service provider P router interface, subinterface, and
loopback for its appropriate DLCI and IP addressing.
Step 2 Configure and enable each service provider PE router interface, subinterface, and
loopback for its appropriate DLCI and IP addressing.
Step 3 Configure and enable each customer CE router interface, subinterface, and loopback
for appropriate DLCI and IP addressing.
Activity Verification
You have completed this task when you attain these results:
Pinged the remote end of each serial link from each router to verify that each link is
operational
8 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Task 2: Configuring the Service Provider IGP
Your next task is to establish the service provider IGP routing environment. This task will
involve enabling the EIGRP routing protocol.
Activity Procedure
Complete these steps for workgroup 1 and 2 of each pod:
Step 1 On each customer CE router, enable the RIP version 2 (RIPv2) routing process.
Disable the auto summary feature of this routing protocol.
Step 2 On each P and PE router, enable the EIGRP routing process, using 1 as the AS
number, and ensure that the service provider networks are configured and are being
advertised by the EIGRP process. Disable the auto summary feature of this routing
protocol.
Step 3 Ensure that the other workgroup has completed its configuration tasks.
Activity Verification
You have completed this task when you attain these results:
On each P and PE router, you have verified that the EIGRP router process is active.
On each P and PE router, you have verified that the EIGRP router process is enabled on all
serial interfaces.
On each P and PE router, you have verified that the loopback interfaces of all P and PE
routers are displayed in the IP routing table.
On each P and PE router, you have verified that 192.168.x.0 subnetworks of all P and PE
routers are displayed in the IP routing table.
On each PE router, you have verified that 150.x.0.0 subnetworks of all P and PE routers are
displayed in the IP routing table.
10 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Lab 3-1: Establishing the Core MPLS
Environment
Complete this lab activity to practice what you learned in the related module.
Activity Objective
In this activity, you will use the tasks and commands necessary to implement MPLS on frame-
mode Cisco IOS platforms. After completing this activity, you will be able to meet these
objectives:
Enable LDP on your PE and P routers
Disable MPLS TTL propagation
Configure conditional label distribution
Visual Objective
The figure illustrates what you will accomplish in this activity.
Required Resources
This is the resource required to complete this activity:
Cisco IOS documentation
MPLS Commands
Command Description
access-list access- To configure the access list mechanism for filtering frames by
list-number {permit | protocol type or vendor code, use the access-list global
deny} {type-code wild- configuration command. To remove the single specified entry
mask | address mask} from the access list, use the no form of this command.
no access-list access-
list-number {permit |
deny} {type-code wild-
mask | address mask}
ip cef To enable CEF on the RP card, use the ip cef command in global
configuration mode. To disable CEF, use the no form of this
command.
mpls ip To enable MPLS forwarding of IPv4 packets along normally
no mpls ip routed paths for the platform, the mpls ip command can be used
in global configuration mode (for traffic engineering [TE]) but must
be used at the interface configuration mode for LDP to become
active. To disable this feature, use the no form of this command.
mpls ip propagate-ttl To control the generation of the TTL field in the MPLS header
no mpls ip propagate- when labels are first added to an IP packet, use the mpls ip
ttl [forwarded | propagate-ttl global configuration command. To use a fixed TTL
local] value (255) for the first label of the IP packet, use the no form of
this command.
mpls label protocol To specify the label distribution protocol to be used on a given
{ldp | tdp | both } interface, use the mpls label protocol interface configuration
[no] mpls label command. Use the no form of the command to disable this
protocol feature.
show mpls interfaces To display information about one or more interfaces that have
[interface] [detail] been configured for label switching, use the show mpls
interfaces privileged EXEC command.
show mpls ldp To display the status of the LDP discovery process, use the
discovery show mpls ldp discovery privileged EXEC command. This
command generates a list of interfaces over which the LDP
discovery process is running.
show mpls ldp neighbor To display the status of LDP sessions, issue the show mpls ldp
[address | interface] neighbor privileged EXEC command.
[detail]
show mpls ldp bindings To display the contents of the LIB, use the show mpls ldp
[network {mask | bindings privileged EXEC command.
length} [longer-
prefixes]] [local-
label label [-
label]} [remote-label
label [- label]
[neighbor address]
[local]
12 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Command Description
mpls ldp advertise- To control the distribution of locally assigned (incoming) labels by
labels [for prefix- means of LDP, use the mpls ldp advertise-labels command in
access-list [to peer- global configuration mode. This command is used to control
access-list]] which labels are advertised to which LDP neighbors. To prevent
the distribution of locally assigned labels, use the no form of this
no mpls ldp advertise- command.
labels [for prefix-
access-list [to peer-
access-list]]
Activity Procedure
Complete these steps:
Step 3 Verify that the other workgroup has completed its configuration.
Note The mpls label protocol klp command can be issued at the global configuration level.
Note The mpls ip command is issued to enable MPLS on an interface, but it will be displayed in
the configuration (show running-config) command output as tag-switching ip command.
On each of your routers, you have verified that the interface is up and has established an
LDP neighbor relationship.
Px1#show mpls ldp discovery
Local LDP Identifier:
192.168.1.81:0
Discovery Sources:
Interfaces:
Serial0/0.111 (ldp): xmit/recv
LDP Id: 192.168.x.17:0
Serial0/0.112 (ldp): xmit/recv
LDP Id: 192.168.x.97:0
14 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
On each of your routers, verify that LDP has allocated a label for each prefix in its IP
routing table.
PEx1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter
area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
On each of your routers, verify that LDP has received a label of the subnetworks and
loopback interfaces of the other core routers.
Px1#sh mpls ldp bindings
tib entry: 150.x.0.0/16, rev 16
local binding: tag: 20
remote binding: tsr: 192.168.x.17:0, tag: imp-null
remote binding: tsr: 192.168.x.97:0, tag: 20
tib entry: 150.x.11.16/28, rev 18
remote binding: tsr: 192.168.x.17:0, tag: imp-null
tib entry: 150.x.11.32/28, rev 19
remote binding: tsr: 192.168.x.17:0, tag: imp-null
tib entry: 192.168.x.0/24, rev 17
remote binding: tsr: 192.168.x.17:0, tag: imp-null
tib entry: 192.168.x.17/32, rev 14
local binding: tag: 19
remote binding: tsr: 192.168.x.17:0, tag: imp-null
remote binding: tsr: 192.168.x.97:0, tag: 19
tib entry: 192.168.x.33/32, rev 10
local binding: tag: 18
remote binding: tsr: 192.168.x.17:0, tag: 20
remote binding: tsr: 192.168.x.97:0, tag: 17
tib entry: 192.168.x.48/28, rev 12
16 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
local binding: tag: imp-null
remote binding: tsr: 192.168.x.17:0, tag: imp-null
remote binding: tsr: 192.168.1.97:0, tag: 18
tib entry: 192.168.x.64/28, rev 6
local binding: tag: 17
remote binding: tsr: 192.168.x.17:0, tag: 18
remote binding: tsr: 192.168.x.97:0, tag: imp-null
tib entry: 192.168.x.81/32, rev 8
local binding: tag: imp-null
remote binding: tsr: 192.168.x.17:0, tag: 19
remote binding: tsr: 192.168.x.97:0, tag: 16
tib entry: 192.168.x.97/32, rev 2
local binding: tag: 16
remote binding: tsr: 192.168.x.17:0, tag: 16
remote binding: tsr: 192.168.x.97:0, tag: imp-null
tib entry: 192.168.x.112/28, rev 4
local binding: tag: imp-null
remote binding: tsr: 192.168.x.17:0, tag: 17
remote binding: tsr: 192.168.x.97:0, tag: imp-null
Perform a traceroute from your PE router to the loopback address of the PE router of the
other workgroup and verify that the results display the associated labels.
Tracing the route to 192.168.x.33
1 192.168.x.50 [MPLS: Label 18 Exp 0] 164 msec 196 msec 200 msec
2 192.168.x.114 [MPLS: Label 17 Exp 0] 56 msec 56 msec 56 msec
3 192.168.x.65 40 msec 40 msec
Activity Procedure
Complete these steps:
Step 3 Verify that the other workgroup has completed its configuration.
Activity Verification
You have completed this task when you attain these results:
You have performed a traceroute from your PE router to the loopback address of the PE
router of the other workgroup and compared this display to the display obtained in the
previous task.
PEx1#traceroute 192.168.x.33
Type escape sequence to abort.
Tracing the route to 192.168.x.33
Note When you are troubleshooting, it may become necessary to view the core routes when
doing traces. If so, it will be necessary to re-enable TTL propagation. Doing so may affect
the results of the traces shown in the lab activity verification because additional hops and
labs will be displayed.
18 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Task 3: Configuring Conditional Label Distribution
For the label binding displays that you did in Task 2, you can see that a label is assigned to
every prefix that is in the IP routing table of a router. This label assignment results in wasted
label space and resources necessary to build unused LSPs. In this task, you will use conditional
label advertising to restrict the distribution of labels related to the WAN interfaces in the core.
Workgroup 1 will configure PEx1 and Px1. Workgroup 2 will configure PEx2 and Px2.
Activity Procedure
Complete these steps:
Step 1 On your PE router, display the LSPs that are being built.
PEx1#sh mpls for
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 16 192.168.x.97/32 0 Se0/0.111 point1point
17 Pop tag 192.168.x.112/28 0 Se0/0.111 point1point
18 17 192.168.x.64/28 0 Se0/0.111 point1point
19 Pop tag 192.168.x.81/32 0 Se0/0.111 point1point
20 18 192.168.x.33/32 0 Se0/0.111 point1point
Step 2 Note that an LSP has been built to the WAN interface that connects the other PE and
P router. This LSP will never be used because traffic will not normally terminate at
this point.
Step 3 On your assigned P and PE routers, configure conditional label distribution to allow
only the distribution of labels related to the core loopback addresses and the
interfaces that provide direct customer support.
Step 4 Verify that the other workgroup has completed its configuration tasks.
Activity Verification
You have completed this task when you attain these results:
On your PE router, you have displayed the LSPs that are being built.
PE11#sh mpls f
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 16 192.168.1.97/32 0 Se0/0.111 point1point
17 Untagged 192.168.1.112/28 0 Se0/0.111 point1point
18 Untagged 192.168.1.64/28 0 Se0/0.111 point1point
19 Pop tag 192.168.1.81/32 0 Se0/0.111 point1point
20 18 192.168.1.33/32 0 Se0/0.111 point1point
Note An LSP is no longer built to the WAN interface that connects the other PE and P routers.
Note The prefix assigned to the WAN interface connecting the other P and PE routers no longer
has a remote label assigned. Further, none of the core WAN interfaces have remote labels
assigned. This lessening of assignments results in a reduced label space, which saves
memory resources.
20 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Task 4: Removing Conditional Label Distribution
For the conditional label distribution displays that you did in Task 3, you can see that a label is
not assigned to every prefix that is in the IP routing table of a router. In this task, you will
remove conditional label advertising so that there are no restrictions on the distribution of
labels related to the WAN interfaces in the core.
Workgroup 1 will configure PEx1 and Px1. Workgroup 2 will configure PEx2 and Px2.
Activity Procedure
Complete these steps:
Step 2 Verify that the other workgroup has completed its configuration task.
Activity Verification
You have completed this activity when you attain these results:
On your PE router, you have displayed the LSPs that are being built.
PEx1#sh mpls for
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 16 192.168.x.97/32 0 Se0/0.111 point1point
17 Pop tag 192.168.x.112/28 0 Se0/0.111 point1point
18 17 192.168.x.64/28 0 Se0/0.111 point1point
19 Pop tag 192.168.x.81/32 0 Se0/0.111 point1point
20 18 192.168.x.33/32 0 Se0/0.111 point1point
Note The mpls label protocol ldp command can be issued at the global configuration level.
Note The mpls ip command is issued to enable MPLS on an interface but will be displayed in the
configuration (show running-config) command output as tag-switching ip command.
22 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Task 2: Disabling TTL Propagation
Configuration steps on PEx1 and PEx2:
PEx*(config)#no tag-switching ip propagate-ttl
24 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Lab 5-1: Initial MPLS VPN Setup
Complete this lab activity to practice what you learned in the related module.
Activity Objective
The company that you work for is a small service provider. Your pod has been given the task of
creating two simple VPNs to support two new customers (customer A and customer B) who
have just signed with you.
In this activity, you will create a simple VPN for your customer. After completing this activity,
you will be able to meet these objectives:
Configure MP-BGP to establish routing between the PE routers of your workgroup
Configure the VRF tables necessary to support your customer and establish your customer
RIP routing using a simple VPN
Visual Objective
The figure illustrates what you will accomplish in this activity.
These activities rely on Lab 3-1: Establishing the Core MPLS Environment, in which you
established MPLS connectivity in your backbone.
Please verify that MPLS has been enabled on all core interfaces in your backbone, and that it
has not been enabled on interfaces toward the customer workgroup routers or other service
providers.
This activity contains tasks that enable you to configure your core MPLS VPN infrastructure
and to establish a simple any-to-any VPN service for a customer.
You will also test various PE-CE routing options, ranging from RIP and OSPF to running BGP
between the PE and the CE routers.
Required Resources
This is the resource required to complete this activity:
Command List
The table describes the commands used in this activity.
VPN-Related Commands
Command Description
26 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Command Description
neighbor remote-as To add an entry to the BGP or MP-BGP neighbor table, use
the neighbor remote-as router configuration command. To
remove an entry from the table, use the no form of this
command.
neighbor update-source To have the Cisco IOS software allow IBGP sessions to use
any operational interface for TCP connections, use the
neighbor update-source router configuration command. To
restore the interface assignment to the closest interface,
which is called the “best local address,” use the no form of
this command.
ping vrf vrf-name host Pings a host reachable through the specified VRF.
redistribute bgp as- Redistributes BGP routes into RIP with propagation of the
number metric transparent MED into the RIP hop count.
show ip bgp vpnv4 vrf Displays VPN IPv4 (VPNv4) routes associated with the
vrf-name specified VRF.
show ip route vrf vrf- Displays an IP routing table of the specified VRF.
name
show ip vrf detail Displays detailed VRF information.
telnet host /vrf vrf-name Makes a Telnet connection to a CE router connected to the
specified VRF.
Workgroup 1 will configure MP-BGP on PEx1, and workgroup 2 will perform the same task on
PEx2.
Activity Procedure
Complete these steps:
Step 1 Activate the BGP process on your assigned router using AS 65001 as the AS
number. Disable the auto summary feature.
Step 2 Activate VPNv4 BGP sessions between your assigned PE router and the PE router
being configured by the other workgroup. Disable the auto summary feature.
Step 3 Verify that the other workgroup has completed its configuration tasks.
Activity Verification
You have completed this task when you attain these results:
You have displayed the BGP neighbor information and ensured that BGP sessions have
been established between the two PE routers.
PEx1#sh ip bgp sum
BGP router identifier 192.168.x.17, local AS number 65001
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
State/PfxRcd
28 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Received 7 messages, 0 notifications, 0 in queue
Sent 7 messages, 0 notifications, 0 in queue
Default minimum time between advertisement runs is 5 seconds
SRTT: 197 ms, RTTO: 984 ms, RTV: 787 ms, KRTT: 0 ms
minRTT: 44 ms, maxRTT: 300 ms, ACK hold: 200 ms
Flags: higher precedence, nagle
Activity Procedure
Complete these steps:
Step 1 Design your VPN networks—decide on the RD and the RT numbering. Coordinate
your number with the other workgroup.
Note The easiest numbering plan would be to use the same values for the RD and the RT. Use
simple values—for example, x:10 for customer A and x:20 for customer B.
Step 2 Create VRFs on the PE routers and associate the PE-CE interfaces into the proper
VRFs; use simple yet descriptive VRF names (for example, CExA and CExB).
Step 3 Your customer is using RIP as its IGP, so enable RIP for the VRF that you have
created.
Step 4 Configure redistribution of RIP into BGP with the address-family ipv4 vrf vrf-
name command.
Step 5 Configure redistribution of BGP into RIP with the address-family ipv4 vrf vrf-
name command.
Step 6 Configure RIP metric propagation through MP-BGP by using the redistribute bgp
as-number metric transparent command in the RIP process.
Step 7 Ensure that RIP is enabled on all of the CE routers. Make sure that all of the
networks (including loopbacks) are active in the RIP process.
Activity Verification
You have completed this task when you attain these results:
You verified that you have the proper configuration of your VRF tables with the show ip
vrf detail command. You should get a printout similar to the one here:
PEx1#sh ip vrf detail
VRF Customer_A; default RD x:10; default VPNID <not set>
Interfaces:
Serial0/0.101
Connected addresses are not in global routing table
Export VPN route-target communities
RT:x:10
Import VPN route-target communities
RT:x:10
No import route-map
No export route-map
30 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
VRF Customer_B; default RD x:20; default VPNID <not set>
Interfaces:
Serial0/0.102
Connected addresses are not in global routing table
Export VPN route-target communities
RT:x:20
Import VPN route-target communities
RT:x:20
No import route-map
No export route-map
Check the routing protocols running in your VRF with the show ip protocol vrf command.
When executed on PEx1, it will produce a printout similar to the one here:
PEx1#sh ip prot vrf Customer_A
Routing Protocol is "bgp 65001"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
IGP synchronization is disabled
Automatic route summarization is disabled
Redistributing: rip
Maximum path: 1
Routing Information Sources:
Gateway Distance Last Update
192.168.x.33 200 15:05:06
Distance: external 20 internal 200 local 200
Verify the per-VRF routing table on the PE router with the show ip route vrf command. It
will produce a printout similar to the one here:
PEx1#sh ip route vrf Customer_A
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter
area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
32 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
R 10.1.x1.49/32 [120/1] via 150.x.x1.17, 00:00:24, Serial0/0.101
B 10.1.x2.16/28 [200/1] via 192.168.x.33, 15:10:04
R 10.1.x1.16/28 [120/1] via 150.x.x1.17, 00:00:24, Serial0/0.101
150.x.0.0/28 is subnetted, 2 subnets
B 150.x.x2.16 [200/0] via 192.168.x.33, 15:46:04
C 150.x.x1.16 is directly connected, Serial0/0.101
Use the show ip bgp vpnv4 vrf command to display the BGP routing table associated with
a VRF. The printout from the PEx1 router is shown here:
PEx1#show ip bgp vpnv4 vrf Customer_A
BGP table version is 47, local router ID is 192.168.x.17
Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal,
r RIB-failure
Origin codes: i - IGP, e - EGP, ? - incomplete
On a CE router, use the show ip route command to verify that the router is receiving all
VPN routes. Also verify that no routes from the other customer or the MPLS core are being
received. On CEx1A, the printout is similar to the one here:
CEx1A#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Use ping and trace on the CE routers to verify connectivity across the VPN.
CEx1A#traceroute 150.x.x2.17
34 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
CEx1A#ping 150.x.x2.17
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.x.x2.17, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 144/146/148 ms
Use the show ip route command on the PE routers to verify that the customer routes are
not in the global IP routing table.
PEx1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
192.168.x.0/24 is variably subnetted, 7 subnets, 2 masks
D 192.168.x.97/32 [90/2809856] via 192.168.x.50, 19:14:54, Serial0/0.111
D 192.168.x.112/28 [90/2681856] via 192.168.x.50, 19:14:54, Serial0/0.111
D 192.168.x.64/28 [90/3193856] via 192.168.x.50, 19:14:54, Serial0/0.111
D 192.168.x.81/32 [90/2297856] via 192.168.x.50, 19:14:54, Serial0/0.111
D 192.168.x.33/32 [90/3321856] via 192.168.x.50, 19:14:54, Serial0/0.111
C 192.168.x.48/28 is directly connected, Serial0/0.111
C 192.168.x.17/32 is directly connected, Loopback0
Use ping and trace commands on the PE routers to verify that you cannot reach your
customer networks from global address space.
PEx1#ping 150.x.x1.17
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.x.x1.17, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
PEx1#ping 150.x.x1.33
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.x.x1.33, timeout is 2 seconds:
.....
36 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Lab 5-1 Answer Key: Initial MPLS VPN Setup
When you complete this activity, your router will be similar to the following, with differences
that are specific to your pod.
38 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Lab 5-2: Running EIGRP Between PE and CE
Routers
Complete this lab activity to practice what you learned in the related module.
Activity Objective
Some customers use EIGRP as the routing protocol in their VPN; sometimes, EIGRP is even
combined with RIP or BGP at other sites. In this activity, the customers of the service provider
have decided to migrate some of their sites to EIGRP.
In this activity, you will deploy EIGRP as the PE-CE routing protocol in the VPN of your
customer. After completing this activity, you will be able to meet this objective:
Convert one of each of the customer sites to EIGRP (from RIP) and establish VPN routing
using EIGRP. The other site will remain running RIP as the IGP.
Visual Objective
The figure illustrates what you will accomplish in this activity.
Required Resources
This is the resource required to complete this activity:
Cisco IOS documentation
40 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Command List
The table describes the commands used in this activity.
OSPF Commands
Command Description
address-family ipv4 Enters address family configuration mode and creates a VRF.
[multicast | unicast | vrf The VRF name (or tag) must match the VRF name that was
vrf-name] created in Step 3 from Task 2.
network ip-address network- Specifies the network for the VRF. The network statement is
mask used to identify which interfaces to include in EIGRP. The
VRF must be configured with addresses that fall within the
subnetwork range of the configured network statement.
redistribute protocol Redistributes BGP into the EIGRP. The AS number and
[process-id] {level-1 | metric of the BGP network are configured in this step. BGP
level-1-2 | level-2} [as- must be redistributed into EIGRP for the CE site to accept the
number] [metric metric- BGP routes that carry the EIGRP information. A metric must
value] [metric-type type- also be specified for the BGP network and is configured in
value] [route-map map- this step.
name][match {internal |
external 1 | external 2}]
[tag tag-value] [route-map
map-tag] [subnets]
router eigrp as-number Enters router configuration mode and creates an EIGRP
routing process.
show ip eigrp vrf vrf-name Displays EIGRP interfaces that are defined under the
interfaces specified VRF. If an interface is specified, only that interface
is displayed. Otherwise, all interfaces on which EIGRP is
running as part of the specified VRF are displayed.
show ip eigrp vrf vrf-name Displays when VRF neighbors become active and inactive.
neighbors This command can be used to help debug transport
problems.
show ip eigrp vrf vrf-name Displays VRF entries in the EIGRP topology table. This
topology command can be used to determine Diffusing Update
Algorithm (DUAL) states and to debug possible DUAL
problems.
show ip vrf Displays the set of defined VRFs and associated interfaces.
This command is used to verify that the correct RDs are
configured for the VRF.
Workgroup 2 will convert the customer B site, CEx2B, from RIP to EIGRP and establish a
simple VPN.
Each workgroup is responsible for all PE router configurations related to its customer.
Activity Procedure
Complete these steps:
Step 1 Disable RIP and configure EIGRP on one of the two routers of your customer.
Workgroup 1 will configure CEx1A, and workgroup 2 will configure CEx2B. Use
your x# as the AS number for EIGRP. Because both customers are connected via the
same 150.x.0.0 network, be specific on the EIGRP statement to match the
appropriate interface.
Note Do not forget to remove the address family from the RIP routing process. This action will
disable the sites still running RIP as the CE-PE routing protocol.
Step 2 On your assigned PE router, configure redistribution of EIGRP into BGP with the
address-family ipv4 vrf vrf-name command. Because the source EIGRP metric is
incompatible with the destination RIP metric, set the default metric to 1.
Step 3 On your assigned PE router, configure redistribution of BGP into EIRGP with the
address-family ipv4 vrf vrf-name command Disable the auto summary feature of
EIGRP.
Activity Verification
You have completed this task when you attain these results:
You have verified that EIGRP has been activated on the proper interfaces.
PEx1#sh ip eigrp int
IP-EIGRP interfaces for process 1
Xmit Queue Mean Pacing Time Multicast
Pending
Interface Peers Un/Reliable SRTT Un/Reliable Flow Timer Routes
Se0/0.111 1 0/0 600 0/15 2991 0
Lo0 0 0/0 0 0/10 0 0
42 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
You have verified that EIGRP adjacencies have been established between the CE and PE
routers.
PEx1#sh ip eigrp vrf Customer_A nei
IP-EIGRP neighbors for process 4
H Address Interface Hold Uptime SRTT RTO Q Seq Type
(sec) (ms) Cnt Num
0 150.x.x1.17 Se0/0.101 14 00:02:51 340 2040 0 4
Verify connectivity across the VPN by using ping and trace commands on the CE routers
and ping vrf and trace vrf commands on the PE routers.
CEx1B#ping 150.x.x2.33
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.x.x2.33, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 144/147/152 ms
CEx1A#ping 150.x.x2.17
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.x.x2.17, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 144/147/152 ms
CEx1B#trace 150.x.x2.33
Type escape sequence to abort.
Tracing the route to 150.x.x2.33
1 150.x.x1.34 12 msec 12 msec 12 msec
2 150.x.x2.34 64 msec 60 msec 60 msec
3 150.x.x2.33 77 msec 76 msec *
CEx1A#trace 150.x.x2.17
Type escape sequence to abort.
Tracing the route to 150.x.x2.17
1 150.x.x1.18 12 msec 12 msec 12 msec
2 150.x.x2.18 64 msec 60 msec 64 msec
3 150.x.x2.17 76 msec 76 msec *
44 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
PEx1#trace vrf Customer_B 10.2.x2.49
Type escape sequence to abort.
Tracing the route to 10.2.x2.49
1 150.x.x2.33 60 msec 60 msec *
46 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Configuration steps on PEx2:
PEx2(config)#router rip
PEx2(config-router)#no address-family ipv4 vrf Customer_B
PEx2(config-router)#router eigrp 1
PEx2(config-router)#address-family ipv4 vrf Customer_B
PEx2(config-router-af)#autonomous-system x
PEx2(config-router-af)#network 150.x.x2.32 0.0.0.15
PEx2(config-router-af)#no auto-summary
PEx2(config-router-af)#redistribute bgp 65001 metric 10000 100 255 1 1500
PEx2(config-router-af)#exit
PEx2(config-router)#router bgp 65001
PEx2(config-router)#address-family ipv4 vrf Customer_B
PEx2(config-router-af)#no redistribute rip
PEx2(config-router-af)#redistribute eigrp x metric 1
Activity Objective
Some customers insist on using OSPF as the routing protocol in their VPN, sometimes even
combined with RIP or BGP at other sites. In this activity, you will complete the CE to PE
routing protocol to OSPF. After completing this activity, you will be able to meet these
objectives:
Convert one of each of the customer sites to OSPF (from RIP) and establish VPN routing
using OSPF
Complete the OSPF migration
Visual Objective
The figure illustrates what you will accomplish in this activity.
48 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
MPLS Lab Customer OSPF Scheme
Required Resources
This is the resource required to complete this activity:
Cisco IOS documentation
OSPF Commands
Command Description
ping vrf vrf-name host Pings a host reachable through the specified VRF.
redistribute bgp as- Redistributes BGP routes (including subnetwork routes) into
number subnets OSPF.
router ospf process Starts an OSPF process within the specified VRF.
vrf vrf-name
route-target Assigns an RT to a VRF.
import|export value
show ip bgp vpnv4 vrf Displays VPNv4 routes associated with the specified VRF.
vrf-name
show ip ospf database Displays OSPF database information.
show ip route vrf vrf- Displays an IP routing table of the specified VRF.
name
show ip vrf detail Displays detailed VRF information.
telnet host /vrf vrf- Makes a Telnet connection to a CE router connected to the
name specified VRF.
50 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Task 1: Configuring OSPF as the PE-CE Routing Protocol
In this task, your customer has decided to have one IGP OSPF. This decision means that the
sites that are running EIGRP and RIP will have to be converted to OSPF. Workgroup 1 will
convert customer A (CEx1A and CEx2A), and workgroup 2 will convert customer B (CEx1B
and CEx2B) to establish a simple VPN.
Each workgroup is responsible for all PE router configurations related to its customer.
Activity Procedure
Complete these steps:
Step 1 Disable EIGRP and RIP and configure OSPF on the CE routers of your customer.
Configure OSPF (use an OSPF process ID of 1 for workgroup 1 and a process ID of
2 for workgroup 2) areas in the CE router according to the information here.
Loopback 0
Area 1 E0/0
Step 2 Configure OSPF (use an OSPF process ID of 1 for workgroup 1 and a process ID of
2 for workgroup 2) in the VRFs on PE routers using the router ospf vrf command.
Use OSPF Area 0 on the PE-CE link.
Step 3 Configure redistribution from OSPF to MP-BGP using the redistribute ospf
command inside the VRF address family configuration.
Step 4 Configure redistribution from MP-BGP to OSPF using the redistribute bgp
subnets command in the OSPF router configuration.
Activity Verification
You have completed this task when you attain these results:
You have verified the OSPF adjacency on PEx1 and PEx2 routers using the show ip ospf
neighbor command.
PEx1#sh ip ospf nei
Neighbor ID Pri State Dead Time Address Interface
10.1.x1.49 0 FULL/ - 00:00:36 150.x.x1.17 Serial0/0.101
10.2.x1.49 0 FULL/ - 00:00:37 150.x.x1.33 Serial0/0.102
Check the IP routing table on CEx1A and note the OSPF interarea (IA) routes in the routing
table.
CEx1A#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
52 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter
area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Verify connectivity across the VPN by using ping and trace commands on the CE routers
and ping vrf and trace vrf commands on the PE routers. These are just a few examples.
CEx1A#ping 10.1.x2.49
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.x2.49, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 148/148/149 ms
54 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
PEx1(config)#router eigrp 1
PEx1(config-router)#no address-family ipv4 vrf Customer_A
PEx1(config)#router ospf 1 vrf Customer_A
PEx1(config-router)#network 150.x.0.0 0.0.255.255 area 0
PEx1(config-router)#redistribute bgp 65001 subnets
PEx1(config-router)#exit
PEx1(config)#router bgp 65001
PEx1(config-router)#address-family ipv4 vrf Customer_A
PEx1(config-router-af)#no redistribute eigrp x
PEx1(config-router-af)#redistribute ospf 1
Activity Objective
Your customer has indicated that it wants to have a backup link for a selected site for
redundancy. This addition will produce a multihomed environment. As a result, it is necessary
to use BGP as the CE-to-PE routing protocol. The provider has decided to do this conversion in
a phased implementation. The existing links will be converted to BGP, and then the backup
links will be added and activated.
In this activity, you will convert the CE-to-PE routing protocol of your customer to BGP. After
completing this activity, you will be able to meet these objectives:
Enable EBGP as the CE-to-PE link routing protocol
Enable a backup link
Configure BGP to control the selection of primary and backup links
Visual Objective
The figure illustrates what you will accomplish in this activity.
56 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
MPLS Lab Customer BGP Scheme
Required Resources
This is the resource required to complete this activity:
Cisco IOS documentation
BGP Commands
Command Description
neighbor ip-address Applies a route map to BGP updates received from or sent to the
route-map name in|out specified neighbor.
no neighbor ip-address Enables a BGP neighbor previously disabled with the neighbor
shutdown shutdown command.
ping vrf vrf-name host Pings a host reachable through the specified VRF.
show ip bgp vpnv4 vrf Displays VPNv4 routes associated with the specified VRF.
vrf-name
show ip route vrf vrf- Displays an IP routing table of the specified VRF.
name
telnet host /vrf vrf- Makes a Telnet connection to a CE router connected to the
name specified VRF.
58 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Task 1: Configuring BGP as the PE-CE Routing Protocol
In this task, you will make BGP the routing protocol between the PE router and your customer
routers. OSPF will remain the customer IGP. You will need to redistribute from BGP to OSPF
and from OSPF to BGP on the routers of your customer. You will establish simple VPNs for
customer A and customer B. Workgroup 1 will convert customer A (CEx1A and CEx2A), and
workgroup 2 will convert customer B (CEx1B and CEx2B) to establish a simple VPN. Each
workgroup is responsible for all PE router configurations related to its customer.
Activity Procedure
Complete these steps:
Step 1 Activate the BGP routing process on the CE routers of your customer using
AS650x1 for customer A and AS 650x2 for customer B. Disable the auto summary
BGP feature.
Step 2 Remove OSPF on the associated PE router and activate the BGP neighbor
relationship between each CE router and its associated PE router.
Step 3 Because both of your customer sites are using the same AS number, you will need to
enable the AS-override feature on the PE routers.
Activity Verification
You have completed this task when you attain these results:
You have checked BGP connectivity with the show ip bgp summary command on the CE
routers.
CEx1A#sh ip bgp sum
BGP router identifier 10.1.x1.49, local AS number 650x1
BGP table version is 10, main routing table version 10
9 network entries and 9 paths using 1197 bytes of memory
2 BGP path attribute entries using 120 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP activity 9/30 prefixes, 9/0 paths, scan interval 60 secs
CEx1A#sh ip bgp
BGP table version is 63, local router ID is 10.1.x1.49
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Activity Procedure
Complete these steps:
Step 1 Configure an additional subinterface on the existing serial interfaces on your PE and
CE routers.
Step 2 Add the backup link to the appropriate VRF.
60 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Step 3 Configure IP addresses and data-link connection identifiers (DLCIs) on this
interface using the parameters in the table.
Step 4 Activate the BGP neighbor relationship between your CE router and the appropriate
PE router.
Activity Verification
You have completed this task when you attain these results:
You have verified point-to-point connectivity over the new subinterface.
CEx1B#ping 150.x.x2.50
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.x.x2.50, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
CEx2A#ping 150.x.x1.50
Sending 5, 100-byte ICMP Echos to 150.x.x1.50, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms
Check BGP connectivity with the show ip bgp summary command on the CE routers.
CEx2A#sh ip bgp sum
BGP router identifier 10.1.x2.49, local AS number 650x2
BGP table version is 10, main routing table version 10
9 network entries and 9 paths using 1197 bytes of memory
2 BGP path attribute entries using 120 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
CEx2A#sh ip bgp
BGP table version is 17, local router ID is 10.1.x2.49
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
62 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
* i10.2.x1.16/28 192.168.x.33 0 100 0 650x2 ?
*> 150.x.x1.33 0 0 650x2 ?
* i10.2.x1.49/32 192.168.x.33 0 100 0 650x2 ?
*> 150.x.x1.33 0 0 650x2 ?
*>i10.2.x2.16/28 192.168.x.33 0 100 0 650x2 ?
*>i10.2.x2.49/32 192.168.x.33 0 100 0 650x2 ?
r i150.x.x1.32/28 192.168.x.33 0 100 0 650x2 ?
r> 150.x.x1.33 0 0 650x2 ?
*>i150.x.x2.32/28 192.168.x.33 0 100 0 650x2 ?
* i150.x.x2.48/28 192.168.x.33 0 100 0 650x2 ?
*> 150.x.x1.33 0 0 650x2 ?
Activity Procedure
Complete these steps:
Step 1 Use the BGP local preference on the CE router to select the link to its local PE
router (through the MPLS core) as the primary link and the link to the remote PE
router (bypass link) as the backup link.
Step 2 Set the MED in outgoing routing updates from your CE router to make sure that the
PE routers prefer the link through the MPLS core before using the backup link.
Activity Verification
You have completed this task when you attain these results:
You may have had to issue a clear ip route or clear ip bgp * command on the CE router to
propagate routes with the new parameters.
You have verified that the primary link (the link to your local PE router) is being used. Use
the show ip bgp command to verify this. Make sure that the routes received from the
primary link are always selected as the best routes.
CEx1B#sh ip bgp
BGP table version is 8, local router ID is 10.2.x1.49
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
64 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Verify that the backup link (the link to your local PE router) is being used. Use the show ip
bgp command to verify this.
CEx1B#sh ip bgp
BGP table version is 14, local router ID is 10.2.x1.49
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
66 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
PEx1(config-router)#address-family ipv4 vrf Customer_A
PEx1(config-router-af)#neighbor 150.x.x1.17 remote-as 650x1
PEx1(config-router-af)#neighbor 150.x.x1.17 activate
PEx1(config-router-af)#neighbor 150.x.x1.17 as-override
!******* Workgroup 2 **************
PEx1(config)#router bgp 65001
PEx1(config-router-af)#address-family ipv4 vrf Customer_B
PEx1(config-router-af)#no redistribute ospf 2
PEx1(config)#no router ospf 2 vrf Customer_B
PEx1(config)#router bgp 65001
PEx1(config-router-af)#address-family ipv4 vrf Customer_B
PEx1(config-router-af)#neighbor 150.x.x1.33 remote-as 650x2
PEx1(config-router-af)#neighbor 150.x.x1.33 activate
PEx1(config-router-af)#neighbor 150.x.x1.33 as-override
68 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Configuration steps on CEx2A:
CEx2A(config)#route-map setLP permit 10
CEx2A(config-route-map)#set local-preference 50
CEx2A(config-route-map)#route-map setMED permit 10
CEx2A(config-route-map)#set metric 200
CEx2A(config-route-map)#router bgp 650x1
CEx2A(config-router)#neighbor 150.x.x1.50 route-map setLP in
CEx2A(config-router)#neighbor 150.x.x1.50 route-map setMED out
Activity Objective
Your VPN customers want to exchange data between their central sites. You have decided to
implement this request with an overlapping VPN topology.
In this activity, you will establish overlapping VPNs to support the needs of your customers.
After completing this activity, you will have met these objectives:
Design a VPN solution
Remove CEx1A and CEx2B from existing VRFs
Configure new VRFs for CEx1A and CEx2B
Visual Objective
The figure illustrates what you will accomplish in this activity.
70 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
In this lab activity, you will establish overlapping VPNs with the following connectivity goals:
Simple VPN communication:
— CEx1A and CEx2A can communicate.
— CEx1B and CEx2B can communicate.
— CEx1A and CEx1B cannot communicate.
— CEx2A and CEx2B cannot communicate.
— CEx1B and CEx2A cannot communicate.
Overlapping VPN communication (Customer_AB):
— CEx1A and CEx2B can communicate.
Required Resources
This is the resource required to complete this activity:
Cisco IOS documentation
Command List
The commands that are used in this activity have been used in previous activities.
Activity Procedure
Complete these steps:
Step 1 Allocate new RDs for VRFs to which CEx1A and CEx2B will be connected.
Step 2 A new RT is needed for the Customer_AB VPN. Coordinate the value of this RT
with the other workgroup within your pod.
Note You could use x:11 as the RD for VRFs connected to CEx1A, and you could use x:21 as the
RD for VRFs connected to CEx2B. You could use x:1001 as the RT for the Customer_AB
VPN.
Activity Verification
You have completed this task when you attain this result:
You have established RDs and RTs for the new VRFs.
Note When you enabled the backup link, you connected both CEx1A and CEx2A to PEx1.
Therefore, if you change the routing context of customer A on PEx1, you will affect both
CEx1A and CEx2A. This situation also holds true for CEx1B, CEx1B, and PEx2.
Sites CEx1A and CEx2B have to be migrated to new VRFs. All of the references to these sites
must be removed from the existing routing protocol contexts.
In this task, you will remove the references to CEx1A and CEx2B.
Activity Procedure
Complete these steps:
Step 1 Remove the address family BGP neighbor relationship between CEx1A and CEx2B
on their respective PE router.
Step 2 Check any other references to CEx1A and CEx2B in their PE router configuration
and, if required, remove them.
Activity Verification
You have completed this task when you attain these results:
On the PE router, you have verified that the interface toward the CE router is no longer in
the original VRF by using the show ip vrf interfaces command. This action should result
in a printout similar to the one here:
PEx1#sh ip vrf int
Interface IP-Address VRF Protocol
Interface IP-Address VRF Protocol
Serial0/0.113 150.x.x1.50 Customer_A up
Serial0/0.102 150.x.x1.34 Customer_B up
72 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
7 BGP path attribute entries using 1500 bytes of memory
1 BGP rrinfo entries using 24 bytes of memory
2 BGP AS-PATH entries using 48 bytes of memory
4 BGP extended community entries using 96 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2139 total bytes of memory
BGP activity 51/29 prefixes, 69/43 paths, scan interval 15 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
150.x.x1.49 4 650x1 976 979 34 0 0 00:29:12 4
Activity Procedure
Complete these steps:
Step 1 Create the new VRFs for CEx1A and CEx2B on their PE router with the ip vrf
command.
Step 2 Assign new RDs to the newly created VRFs with the rd command.
Step 3 Assign proper import and export RTs to the newly created VRFs with the route-
target command.
Step 4 Reestablish BGP routing between the PE routers and the CE routers. Please refer to
Lab 5-4: Running BGP Between PE and CE Routers if you need more details.
Verify the BGP neighbors on the PE router with the show ip bgp vpnv4 vrf summary
command. This should give you a printout similar to the one here. Check the status of
CEx1A and CEx2B in the printout.
PEx1#sh ip bgp vpnv4 vrf Customer_AB sum
BGP router identifier 192.168.x.17, local AS number 65001
BGP table version is 49, main routing table version 49
10 network entries using 1210 bytes of memory
10 path entries using 640 bytes of memory
7 BGP path attribute entries using 1510 bytes of memory
1 BGP rrinfo entries using 24 bytes of memory
2 BGP AS-PATH entries using 48 bytes of memory
4 BGP extended community entries using 96 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2438 total bytes of memory
BGP activity 57/35 prefixes, 75/49 paths, scan interval 15 secs
74 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2068 total bytes of memory
BGP activity 130/110 prefixes, 168/146 paths, scan interval 15 secs
Check the BGP routing table in the new VRF with the show ip bgp vpnv4 vrf command.
You should see routes from CEx1A or CEx2B and routes imported from other VRFs. Use
the AS path to work out which routes belong to which CE router. Routes announced by
CEx1A should have 650x1 in the AS path, and routes announced by CEx2B should have
650x2 in the AS path.
PEx1#sh ip bgp vpnv4 vrf Customer_AB
BGP table version is 49, local router ID is 192.168.x.17
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Connect to CEx1A and perform ping and trace tests to the loopback address of CEx2B (or
vice versa). The other router should be reachable. For subgroup B, perform the test in the
other direction.
CEx1A#ping 10.2.x2.49
CEx1A#trace 10.2.x2.49
Type escape sequence to abort.
Tracing the route to 10.2.x2.49
1 150.x.x1.18 16 msec 16 msec 12 msec
2 150.x.x2.33 [AS 650x2] 72 msec 77 msec *
Connect to CEx2A and try to ping CEx2B or CEx1B. Those routers should not be reachable
from CEx2A.
CEx2A#ping 10.2.x2.49
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.2.x2.49, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CEx2A#ping 10.2.x1.49
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.2.x1.49, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
76 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Lab 6-1 Answer Key: Overlapping VPNs
When you complete this activity, your router will be similar to the following, with differences
that are specific to your pod.
Note After removing the interface from the VRF, the following message will appear:
“% Interface Serial0/0.101 IP address 150.x.x1.18 removed due to disabling VRF
Customer_A.”
Note After removing the interface from the VRF, the following message will appear:
“% Interface Serial0/0.102 IP address 150.x.x2.34 removed due to disabling VRF
Customer_B.”
78 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Lab 6-2: Merging Service Providers
Complete this lab activity to practice what you learned in the related module.
Activity Objective
Your small service provider is merging with several other small service providers. To
accomplish this consolidation, a new central P router (P1) has been installed and configured.
Frame Relay connectivity has been provided from each local Px1 and Px2 router to P1. In
addition, the core Interior Gateway Protocol (IGP) is being converted from Enhanced Interior
Gateway Routing Protocol (EIGRP) to Intermediate System-to-Intermediate System (IS-IS).
In this activity, you will merge your small service provider with several other small service
providers. After completing this activity, you will be able to meet these objectives:
Convert the core IGP from EIGRP to IS-IS
Enable MPLS LDP connectivity with the central P router
Enable IBGP connectivity between all PE routers
Visual Objective
Workgroup 1 will configure PEx1 and Px1, and workgroup 2 will configure PEx2 and Px2. P1
has been preconfigured.
Command List
The table describes the commands used in this activity.
Command Description
router isis area-tag To enable the IS-IS routing protocol and to specify an IS-IS
process, use the router isis command in global configuration
mode. To disable IS-IS routing, use the no form of this command.
isis circuit-type To configure the type of adjacency, use the isis circuit-type
{level-1 | level-1-2 | interface configuration command. To reset the circuit type to
level-2-only} Level l and Level 2, use the no form of this command.
Activity Procedure
Complete these steps:
Step 1 Configure IP addresses and data-link connection identifiers (DLCIs) on this
interface using the parameters in the table here.
Note The parameters are configured on the P routers of the pod and not the PE routers.
80 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
IP Address and DLCI Configuration Parameters
Activity Verification
You have completed this task when you attain this result:
On your P router, you have used the show interface command to verify that the new
interfaces are operational.
Activity Procedure
Complete these steps:
Step 2 Enable IS-IS as the core IGP using the parameters detailed in the table.
IS-IS Parameters
Note Ensure that the metric-style command is set to wide, the is-type command is set to level-2-
only, and IS-IS has been enabled on the active serial interfaces that are supporting the core
MPLS.
82 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Address Summarization:
None
Maximum path: 4
Routing for Networks:
Serial0/0.111
Serial0/0.112
Serial0/0.2x1
Loopback0
Routing Information Sources:
Gateway Distance Last Update
192.168.x.97 115 00:02:20
192.168.x.114 115 00:14:40
192.168.100.18 115 00:14:35
192.168.x.33 115 00:14:35
192.168.x.17 115 00:02:20
192.168.100.129 115 00:02:20
Distance: (default is 115)
Use the show ip route command and verify that all routers are sending and receiving the
appropriate prefixes.
PEx1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Px1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
Activity Procedure
Complete this step:
Activity Verification
You have completed this task when you attain these results:
On your P router, you have verified that an LDP neighbor relationship has been established
between your P router and P1.
Px1#sh mpls ldp nei
Peer LDP Ident: 192.168.x.17:0; Local LDP Ident 192.168.x.81:0
TCP connection: 192.168.x.17.646 - 192.168.x.81.11047
State: Oper; Msgs sent/rcvd: 48/46; Downstream
Up time: 00:27:52
LDP discovery sources:
Serial0/0.111, Src IP addr: 192.168.x.49
Addresses bound to peer LDP Ident:
192.168.x.17 192.168.x.49
84 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Peer LDP Ident: 192.168.x.97:0; Local LDP Ident 192.168.x.81:0
TCP connection: 192.168.x.97.11021 - 192.168.x.81.646
State: Oper; Msgs sent/rcvd: 47/48; Downstream
Up time: 00:26:14
LDP discovery sources:
Serial0/0.112, Src IP addr: 192.168.x.114
Addresses bound to peer LDP Ident:
192.168.x.97 192.168.x.66 192.168.x.114 192.168.100.18
On your PE router, verify that labels are being received from the other workgroups.
PEx1#sh mpls forw
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 192.168.x.81/32 0 Se0/0.111 point2point
17 Pop tag 192.168.x.112/28 0 Se0/0.111 point2point
18 Pop tag 192.168.100.8/29 0 Se0/0.111 point2point
19 17 192.168.x.97/32 0 Se0/0.111 point2point
20 18 192.168.x.64/28 0 Se0/0.111 point2point
22 20 192.168.x.33/32 0 Se0/0.111 point2point
23 Untagged 10.1.x1.16/28[V] 0 Se0/0.101 point2point
24 Untagged 10.1.x1.49/32[V] 0 Se0/0.101 point2point
25 Aggregate 150.x.x1.16/28[V] 2212
30 21 192.168.100.16/29 0 Se0/0.111 point2point
31 22 192.168.100.129/32 \
0 Se0/0.111 point2point
35 Untagged 10.2.x1.16/28[V] 0 Se0/0.102 point2point
36 Untagged 10.2.x1.49/32[V] 0 Se0/0.102 point2point
37 Aggregate 150.x.x1.32/28[V] 0
38 Untagged 150.x.x2.48/28[V] 0 Se0/0.102 point2point
There are two methods that you can implement. The first is to use the bgp neighbor command
to add a neighbor relationship between each of the routers, but this approach would entail a
substantial configuration effort.
The second method is to implement route reflectors. To this end, P1 has been configured as a
BGP route reflector. However, to take advantage of this fact, you will need to remove the
neighbor relationship between your two PE routers and make them clients of P1.
Note The loopback address for P1 is 192.168.100.129 with AS# 65001. Ensure that your update
source is also your loopback interface.
Step 1 Remove the neighbor relationship between your PE router and the remote PE router
in your workgroup.
Activity Verification
You have completed this task when you attain these results:
On your PE routers, you have checked BGP connectivity to all workgroups with the show
ip bgp summary and show ip bgp neighbor commands on CE routers.
86 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Route Refresh: 0 0
Total: 281 271
Default minimum time between advertisement runs is 30 seconds
Outbound Inbound
Local Policy Denied Prefixes: -------- -------
Bestpath from this peer: 3 n/a
Total: 3 0
Number of NLRIs in the update sent: max 6, min 0
Outbound Inbound
Local Policy Denied Prefixes: -------- -------
AS_PATH loop: n/a 9
Bestpath from this peer: 7 n/a
Total: 7 9
Number of NLRIs in the update sent: max 3, min 0
88 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Connections established 2; dropped 1
Last reset 05:26:35, due to Peer closed the session
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Local host: 150.x.x1.34, Local port: 11003
Foreign host: 150.x.x1.33, Foreign port: 179
Outbound Inbound
Local Policy Denied Prefixes: -------- -------
AS_PATH loop: n/a 12
Bestpath from this peer: 16 n/a
Total: 16 12
Number of NLRIs in the update sent: max 4, min 0
90 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
SRTT: 305 ms, RTTO: 340 ms, RTV: 35 ms, KRTT: 0 ms
minRTT: 40 ms, maxRTT: 372 ms, ACK hold: 200 ms
Flags: passive open, nagle, gen tcbs
Outbound Inbound
Local Policy Denied Prefixes: -------- -------
Bestpath from this peer: 1 n/a
Total: 1 0
Number of NLRIs in the update sent: max 0, min 0
Outbound Inbound
Local Policy Denied Prefixes: -------- -------
VPN Imported prefix: 10 n/a
Bestpath from this peer: 7 n/a
Total: 17 0
Number of NLRIs in the update sent: max 4, min 0
SRTT: 232 ms, RTTO: 775 ms, RTV: 543 ms, KRTT: 0 ms
minRTT: 60 ms, maxRTT: 308 ms, ACK hold: 200 ms
92 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Flags: higher precedence, nagle
Verify the per-VRF table for your customer on your PE routers with the show ip route vrf
command. You should still see only the routes coming from the CE routers being selected.
PEx1#sh ip route vrf Customer_A
94 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Lab 6-2 Answer Key: Merging Service Providers
When you complete this activity, your router will be similar to the following, with differences
that are specific to your pod.
Note These step are for the P router of the pod and not the PE router.
96 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Task 3: Enabling MPLS LDP Connectivity with the Central P
Router
Note The subinterface number and DLCI number in the following configurations will match with
each other and are determined by the instructions for this task.
The NMS VPN should provide connectivity only between the NMS and a single IP address on
the CE router that is used for network management purposes.
In this activity, your service provider has established a network management center using a
VPN between the loopback interfaces of the CE routers and the NMS router. You will establish
connectivity only between the NMS and the CE router loopback interfaces with a /32 subnet
mask.
Complete this lab activity to practice what you learned in the related module.
Activity Objective
In this activity, you will establish a network management VPN between the loopback interfaces
of the CE routers and the NMS router. After completing this activity, you will be able to meet
these objectives:
Design a network management VPN
Establish connectivity between the management VRF and customer VRFs by configuring
proper route targets
98 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Visual Objective
The figure illustrates what you will accomplish in this activity.
Note The NMS routers are shared between workgroups and are not configurable.
Required Resources
This is the resource required to complete this activity:
Cisco IOS documentation
Command List
The table describes the commands used in this activity.
Command Description
ip prefix-list name Creates an IP prefix list that matches all prefixes in a specified
permit address mask ge address space with a subnet mask longer or equal to the
len specified value.
match ip address Matches a prefix in a route map with a specified IP prefix list.
prefix-list list
route-map name permit Creates a route map entry.
seq
set extcommunity rt Appends the specified RT to a route matched with the match
value additive command.
Note The following configuration resides on the P1 router and, in this exercise, serves as a PE
router.
Note If you were implementing a common services VPN from scratch, you would need to
configure the supporting PE router using the VRF and routing commands used in previous
exercises. In this implementation, the NMS VPN is already configured on the central service
PE router, so you will need only to configure the VRF of your customer to match the RT
used by the NMS VPN.
To establish connectivity between the NMS VRF and the customer VRF, you must attach the
client RT to routes toward the CE router loopback addresses when the addresses are exported
from the customer VRF. You also need to import routes toward the NMS router into all
customer VRFs.
Activity Procedure
Complete these steps:
Step 1 Create an IP access list that will match the CE router loopback addresses.
Step 2 Create a route map that will match the CE router loopback addresses with the prefix
list and append the client RT to those routes.
Step 3 Apply the route map to routes exported from the customer VRF with the export
route-map command.
Step 4 Import NMS routes into the customer VRF by specifying the proper import RT.
100 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Activity Verification
You have completed this task when you attain these results:
You have verified that the proper RTs are appended to the routes toward the CE router
loopback addresses by using the show ip bgp vpnv4 vrf name prefix command. This
action should result in a printout similar to the one here:
PEx1#sh ip bgp vpnv4 vrf Customer_A 10.1.x1.49
BGP routing table entry for 1:10:10.1.x1.49/32, version 46
Paths: (1 available, best #1, table Customer_A)
Advertised to non peer-group peers:
150.x.x1.49
650x1, imported path from 1:11:10.1.x1.49/32
150.x.x1.17 from 150.x.x1.17 (10.1.x1.49)
Origin incomplete, metric 0, localpref 100, valid, external, best
Extended Community: RT:1:10 RT:1:1001 RT:101:501
Using an extended ping command, verify that you can ping from the loopback address of
the managed CE router to the loopback address of the NMS CE router (10.10.10.49).
Using an extended ping command, verify that you cannot ping from the Ethernet address
of the managed CE router to the loopback address of the NMS CE router (10.10.10.49).
Verify that your CE router is seeing only prefixes within your VPN and that no prefixes are
being leaked from other VPNs.
102 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Configuration steps on PEx2 for Customer B:
PEx2(config)#ip vrf Customer_B
PEx2(config-vrf)#export map NMS_Cus_B
PEx2(config-vrf)#route-target import 101:500
PEx2(config)#ip vrf B_Central
PEx2(config-vrf)#export map NMS_Cus_B
PEx2(config-vrf)#route-target import 101:500
PEx2(config)#route-map NMS_Cus_B permit 10
PEx2(config-route-map)#match ip address 20
PEx2(config-route-map)#set extcommunity rt 101:501 add
PEx2(config-route-map)#exit
PEx2(config)#access-list 20 permit host 10.2.x1.49
PEx2(config)#access-list 20 permit host 10.2.x2.49
Activity Objective
In this activity, you will implement a separate interface for Internet access. After completing
this activity, you will be able to meet these objectives:
Establish CE-PE connectivity for Internet access
Establish routing between the customer and the Internet
Visual Objective
You will configure additional virtual links (emphasized in the visual) between the central site
CE routers (CEx1A and CEx2B) and their PE routers. These circuits will be in the global
routing table, and you will configure static routing between the PE and CE routers. The remote
sites (CEx1B and CEx2A) will access the Internet using the MPLS VPN connection back to its
respective central site and then through the newly created link.
104 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Note In this lab, the customer addressing scheme is in the private addressing range. In an actual
implementation, a NAT service would need to be provided at the customer interface to the
Internet access point. Because NAT is outside the scope of this course, this function is
omitted, and the lab has been set up to ensure that the customer addressing does not
overlap.
Required Resources
This is the resource required to complete this activity:
Cisco IOS documentation
Command List
The table describes the commands used in this activity.
Command Description
Activity Procedure
Complete these steps:
Step 1 Create a separate subinterface (S0/0.114) on the central router of the customer using
the address information from below.
Step 2 Activate the new interface in the Interior Gateway Protocol (IGP) routing process
and make the interface passive.
Step 4 Activate the new interface in the IGP routing process and make the interface
passive.
Note Global routing between your PE router and P1 was established in Lab 6-2: Merging Service
Providers.
Activity Verification
You have completed this task when you attain these results:
You have used the show ip interface command to verify the status of the new interfaces.
CEx1A#sh ip int s0/0.114
Serial0/0.114 is up, line protocol is up
Internet address is 150.x.x1.65/28
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1500 bytes
************** output omitted ************************
106 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Task 2: Establishing Routing Between the Customer and the
Internet
In this solution, the customer and the service provider have decided to use static routing for the
PE-CE Internet routing protocol. In this task, you will enable a static default route on the CE
router that points to the Internet and a static route on the PE router that points to the customer
address range.
Activity Procedure
Complete these steps:
Step 1 On the PE router that is supporting your CE router, create a static route that points to
the customer address range.
Note Your first choice for the static route would most likely be 10.1.0.0/16 for customer A and
10.2.0.0/16 for customer B. However, if you examine the addressing scheme used in these
labs, you will notice that customer A on all pods uses the same 10.1.0.0 address range. The
same is true for customer B, which uses 10.2.0.0 on all pods. To ensure that your static
routes do not overlap with the other pods, you will need a statement for each customer site.
Step 2 Redistribute this route into BGP so that it will be advertised to the Internet access
point.
Step 3 On your CE router, create a default route that will point all unknown routes to the
Internet interface.
Step 4 This static route will be used by both the local central sites and the remote VPN
sites. Because of this shared use, you will need to interject the route into both the
local and remote routing tables. You can accomplish this task by adding a network
statement to the BGP process that enables network 0.0.0.0.
Note For security reasons, the customer never wants packets that originate in its network or that
are addressed to its network to be sent out to the Internet. Creating a default route that
points all unroutable customer packets to the null interface will address this issue.
Activity Verification
You have completed this task when you attain these results:
You have verified the static route on the PE router.
PEx1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Use an extended ping command to verify that host addresses with the customer network
can reach the Internet.
CEx1A#ping
Protocol [ip]:
Target IP address: 201.202.26.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 10.x.x1.49
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
108 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Sending 5, 100-byte ICMP Echos to 201.202.26.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 100/135/193 ms
110 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Task 2: Establishing Routing Between the Customer and the
Internet
Configuration steps on PEx1:
PEx1(config)#ip route 10.1.x1.0 255.255.255.0 150.x.x1.66
PEx1(config)#ip route 10.1.x2.0 255.255.255.0 150.x.x1.66
PEx1(config)#router bgp 65001
PEx1(config-router)#redistribute static
Note This conversion will require additional firewall and NAT services that are not addressed by
this lab activity.
Activity Objective
In this activity, you will migrate customers to direct BGP Interface access. After completing
this activity, you will be able to meet these objectives:
Establish remote site CE-PE connectivity for Internet access
Establish remote site routing between the customer and the Internet
Visual Objective
You will configure additional virtual links (emphasized in the figure here) between the routers
(CEx1B and CEx2A) and their PE routers. You will put these circuits and those created in the
previous lab in the global routing table. You will also configure a global BGP session between
PE routers and CE routers to exchange Internet routes between the service provider and the
customer.
112 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Required Resources
This is the resource required to complete this activity:
Cisco IOS documentation
Command List
The table describes the commands used in this activity
Command Description
Activity Procedure
Complete these steps:
Step 1 Create a separate subinterface (S0/0.115) on the remaining router of the customer
using the address information from this table.
Step 2 Create a separate subinterface (0/0.115) on PE routers using the address information
in this table.
Activity Procedure
Complete these steps:
Step 1 On your assigned central CE router (CEx1A or CEx2B), remove the network
statement and passive interface command related to the WAN interface from the
customer IGP process.
Step 2 Remove the network statement that refers to network 0.0.0.0 from BGP.
Step 5 On the associated PE router, add the associated CE router as a BGP neighbor.
Step 6 On your assigned CE router (CEx2A or CEx1B), add the associated PE router as a
BGP neighbor.
Step 7 On the associated PE router, add the associated CE router as a BGP neighbor.
114 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Activity Verification
You have completed this task when you attain these results:
You have verified the status of the BGP neighbors.
PEx1#sh ip bgp sum
BGP router identifier 192.168.1.17, local AS number 65001
BGP table version is 41, main routing table version 41
36 network entries using 3636 bytes of memory
36 path entries using 1728 bytes of memory
18 BGP path attribute entries using 1080 bytes of memory
2 BGP rrinfo entries using 48 bytes of memory
3 BGP AS-PATH entries using 72 bytes of memory
9 BGP extended community entries using 320 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 6884 total bytes of memory
BGP activity 96/9 prefixes, 107/13 paths, scan interval 60 secs
CEx1A#ping
Protocol [ip]:
Target IP address: 201.202.26.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 10.x.x1.49
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 201.202.26.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 100/135/193 ms
116 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Customer B
Activity Objective
In this activity, you will migrate the customer to a VPN for Internet access. After completing
this activity, you will be able to meet these objectives:
Establish central site CE-PE connectivity for Internet access
Establish remote site CE-PE connectivity for Internet access
Visual Objective
In this activity, you will create a VPN (VRF) that will carry all Internet traffic, and then you
will create connectivity between that VPN and the customer site. Each workgroup will be
responsible for performing the configuration tasks on its PE router.
Required Resources
This is the resource required to complete this activity:
Cisco IOS documentation
118 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Command List
All commands used in this lab have been used in previous labs.
Activity Procedure
Complete these steps:
Step 1 On your assigned PE router (PEx1 or PEx2), create a new Internet VPN VRF. The
service provider has assigned an RT of 100:600 and a route distinguisher (RD) of
100:600 for all Internet-related VRFs.
Step 2 Place the interface (114) that is supporting the central site CE router (CEx1A or
CEx2B ) into the VRF.
Step 3 Remove the central site router neighbor statement from the unicast (global) address
family.
Step 4 Add the central site router neighbor statement to the IPv4 VRF address family for
the Internet VRF.
Activity Verification
You have completed this task when you attain these results:
You have verified that the Internet routes being received by the central site CE route are
coming from its PE neighbor.
CEx1A#sh ip rou
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Activity Procedure
Complete these steps:
Step 1 On your assigned PE router (PEx1 or PEx2) that supports your remote CE router
(CEx2A or CEx1B), place the interface (115) into the VRF.
Step 2 Remove the remote site router neighbor statement for the unicast (global) address
family.
Step 3 Add the remote site router neighbor statement to the IPv4 VRF address family for
the Internet VRF.
Activity Verification
You have completed this task when you attain these results:
You have verified that the Internet routes being received by the central site CE router are
coming from its PE neighbor.
CEx2A#sh ip rou
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter
area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
120 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
B 202.100.39.0/24 [20/0] via 150.x.x2.129, 01:44:21
B 202.100.32.0/24 [20/0] via 150.x.x2.129, 01:44:21
B 202.100.33.0/24 [20/0] via 150.x.x2.129, 01:44:21
122 Implementing Cisco MPLS (MPLS) v2.1 Copyright © 2004, Cisco Systems, Inc.
The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,
for the sole use by Cisco employees for personal study. The files or printed representations may not be
used in commercial training, and may not be distributed for purposes other than individual self-study.
Task 2: Establishing Remote Site CE-PE Connectivity for
Internet Access
Configuration steps on PE routers:
PEx1(config-vrf)#interface serial0/0.115
PEx1(config-subif)#ip vrf forward Internet
% Interface Serial0/0.115 IP address 150.x.x1.129 removed due to enabling VRF
Internet
PEx1(config-subif)#ip add 150.x.x1.129 255.255.255.240
PEx1(config-subif)#router bgp 65001
PEx1(config-router)#no neighbor 150.x.x1.130
PEx1(config-router)#address-family ipv4 vrf Internet
PEx1(config-router-af)#neighbor 150.x.x1.130 remote 650x2
PEx1(config-router-af)#neighbor 150.x.x1.130 activate
PEx2(config-vrf)#interface serial0/0.115
PEx2(config-subif)#ip vrf forward Internet
% Interface Serial0/0.115 IP address 150.x.x2.129 removed due to enabling VRF
Internet
PEx2(config-subif)#ip add 150.x.x2.129 255.255.255.240
PEx2(config-subif)#router bgp 65001
PEx2(config-router)#no neighbor 150.x.x2.130
PEx2(config-router)#address-family ipv4 vrf Internet
PEx2(config-router-af)#neighbor 150.x.x2.130 remote 650x1
PEx2(config-router-af)#neighbor 150.x.x2.130 activate